In a coordinated takedown, law enforcement agents around the world have teamed up to shut down the well-known cybercrime forum Darkode, pursuing 70 of its members and associates, resulting in 28 arrests so far. In the US, the Department of Justice and the FBI have announced criminal charges against 12 individuals including the site's alleged admin, Johan Anders Gudmunds, aka Mafi aka Crim aka Synthet!c, and the seizure of the site's servers. Dubbed Operation Shrouded Horizon, the effort by police in 20 countries took on a forum known as a place for cyber criminals to swap tips and tools (botnets, spamming services, you name it) of the trade. Brian Krebs has been reporting on Darkode's community for quite some time, including a profile published after its administrators tricked him into publishing details on a fake Java exploit.

Feel safe with your fully-patched computer? If you use Flash and land on the wrong website, you may get a virus or even a cryptolocker that renders your machine unusable. That's because a sophisticated "zero-day" exploit stolen from Hacking Team has now been released into the wild. As a reminder, Hacking Team is the infamous outfit that supplies US law enforcement and various governments around the world with digital spying tools. However, the company suffered an embarrassing attack on its own servers, and among the 400GB of data stolen were some nasty tools originally intended for use by agencies like the US Drug Enforcement Agency.

While you've been busy enjoying guns that fire cars, piloting flying saucers or swimming 'round a flooded Los Santos thanks to mods for the PC version of GTA V, something darker's lurked beneath the surface. GTAForums user aboutseven noticed that a C# compiler was running in the background on his or her computer and traced it back to a file dubbed "Fade.exe." Upon further inspection she or he spotted that it was using internet access. Turns out it was a keylogger. Process of elimination deduced that "Noclip," which allows you to examine the insides of objects freely, and "Angry Planes," which spawns incredibly, well, angry, planes that attack you with kamikaze-like fury, were the culprits behind the malware infection.

It may seem like mobile viruses are everywhere, but Verizon would beg to differ. The carrier has issued a report on data breaches which finds that the security threats to your phone are generally "overblown." The total number of security holes that have been used for exploits, regardless of platform, is "negligible" -- whatever device you use, you probably aren't at risk as long as you use common sense.

Mobile malware is bad enough by itself, but it's a nightmare at work -- one infection could put everyone's phones at risk, if not the whole business. IBM has a fix, though. A new version of its MobileFirst Protect tool now automatically looks for virus-ridden Android and iOS apps on staffers' phones, and puts any compromised device on lockdown before it can pose a threat to you or anyone else. It immediately limits access to apps and services, and it'll let your IT staff know if there's trouble. The system automatically updates its malware knowledge, too, so it shouldn't be caught off-guard by recently discovered exploits. Yes, IBM's threat tool is another form of corporate oversight, but it could prove a lifesaver if it prevents a careless coworker from wrecking your personal phone.

Europol and police forces across Europe have shut down Ramnit, a botnet that infected up to three million computers world-wide. The virus, generally installed by email phishing attacks or rogue sites (please stop clicking on attachments, whoever you are), was mostly used by criminal hackers to steal banking info. If you were so foolish as to click, the program gives hackers remote access to your Windows PC, letting them steal banking credentials, personal details and other info. The countries hit hardest were the US, India and Bangladesh.

It's no secret that hackers see banks as prime targets, but one band of digital thieves is conducting heists on a truly grand scale. Security researchers at Kaspersky have published details of malware attacks that have stolen at least $300 million from financial institutions in 30 countries. The crooks not only trick bank employees into installing a virus (Carbanak) through spoofed email, but spy on staff in order to mimic their behavior and prevent any telltale signs that money is falling into the wrong hands. Many of the attacks focus on shuffling money to outside accounts, although some will send paper cash to ATMs monitored by criminals.

Given how hard antivirus software makers push you to sign up, you'd think that business was booming. Far from it, according to Symantec's Brian Dye. He tells the Wall Street Journal that antivirus tools like his company's Norton suite are effectively "dead." The utilities now catch less than half of all attacks, according to the executive -- to him, the focus is on minimizing the damage whenever there's a successful hack or infection.

Google's Transparency Report has long warned us about the dangers of government overreach, but that's not the only threat online -- there's plenty of malware to go around. Accordingly, Google is expanding its report to show the volumes of virus-infected and phishing sites found through the company's Safe Browsing technology. The data includes both attacking and victim pages, and it shows how well web hosts cope with successful infections. Combined, the new information doesn't paint a pretty picture. Google spotted a total of 67,909 compromised sites just in mid-June, and it still takes over a month for most affected webmasters to scrub their servers clean. The Safe Browsing data isn't very reassuring, then, but it is a friendly reminder to be careful on the web.

Viruses usually have to be rendered inert to work in humanity's favor, as anyone who has received a flu shot can attest. Auburn University has bucked that trend by discovering a way to put active viruses to work in not only diagnosing sickness, but in preventing it in the first place. It's using bacteria-hating (and thankfully harmless) viruses as biosensors to quickly identify superbugs, or antibiotic-resistant bacteria that can sometimes prove fatal. As the viruses change color once they've reached impervious bacterial strains, in this case variants on Staphylococcus, they can reveal superbugs within 10 to 12 minutes -- a potentially lifesaving interval when current purification-driven methods can take hours. Auburn would like to eventually use what it has learned to develop more effective antibacterial glass and similar surfaces. If successfully put into practice, either breakthrough could mitigate what's already a major medical crisis.

Kaspersky Labs' namesake Eugene Kaspersky is worried that widely distributed and potentially state-sponsored malware like Flame and Stuxnet pose dire threats to often lightly protected infrastructure like communication and power plants -- whatever your nationality, it's clearly bad for the civilian population of a given country to suffer even collateral damage from cyberattacks. To minimize future chaos and literally keep the trains running, Kaspersky and his company are expanding their ambitions beyond mere antivirus software to build their own, extra-secure operating system just for large-scale industry. The platform depends on a custom, minimalist core that refuses to run any software that isn't baked in and has no code outside of its main purposes: there'll be no water supply shutdowns after the night watch plays Solitaire from an infected drive. Any information shared from one of these systems should be completely trustworthy, Kaspersky says. He doesn't have details as to when the OS will reach behind-the-scenes hardware, but he stresses that this is definitely not an open-source project: some parts of the OS will always remain confidential to keep ne'er-do-well terrorists (and governments) from undermining the technology we often take for granted.

McAfee's been offering mobile protection services on Android for a while now, but Verizon's taking it a step further and bringing an application tailored specifically for its own customers with help from the Intel-owned outfit. The Mobile Security app -- which is also powered by Asurion -- aims to assist the Big Red crowd by protecting their devices from many "digital and physical threats," giving Android (2.1 or later) users the ability to lock, set up alarms, wipe data and locate handsets remotely. As it stands, Verizon's splitting the Mobile Security utility into three different setups, including a free-of-charge Basic, the Premium for $2 per month and, for those who want to be extra careful, a Premium with Total Equipment Coverage that adds a $1 monthly charge to the current TEC fees. We'll let your levels of paranoia decide whether or not you actually need any of these -- but alas, the link is down below for folks interested in checking out the shielding app.

Having recently wrapped up the Motorola Mobility acquisition, Google's now moving onto different pastures and spending its cash elsewhere -- more specifically on an outfit known as VirusTotal. And, as the internet security company confidently points out, the deal is "great news for you, and bad news for malware generators because Google's infrastructure will ensure that our tools are always ready, right when you need them." As for the Android creator, well, let's just say it, too, is happy to have the VirusTotal team aboard -- who, in the process, joins the likes of Sparrow and QuickOffice as part of Mountain View's most recent purchases. Google's official response on the matter can be found below, courtesy of The Next Web.

Security is incredibly important to our users and we've invested many millions of dollars to help keep them safe online. VirusTotal also has a strong track record in web security, and we're delighted to be able to provide them with the infrastructure they need to ensure that their service continues to improve.

Windows users can't catch a break with viruses, even when they're getting software for their Apple device. An app called "Instaquotes Quotes Cards for Instagram" was found to contain a worm called "Worm.VB-900," which isn't a threat to iOS itself or any other MacOS platform. However, users who tend to their apps with a Windows machine are susceptible to the baddie -- also known affectionately as Mal/CoiDung-A. Any antimalware should detect it since it's been up to no good since 2009, but Cupertino has already pulled the app and the vendor is working on a virus-free version. Just goes to show -- if you're on a PC, it pays to watch out for worms when you bite into a strange Apple.

Ever since Stuxnet was discovered, most of the accusing fingers have been pointed at the US, Israel or both, whether or not there was any evidence; it was hard to ignore malware that seemed tailor-made for wrecking Iranian centrifuges and slowing down the country's nuclear development. As it turns out, Occam's Razor is in full effect. An exposé from the New York Times matter-of-factly claims that the US and Israel coded Stuxnet as part of a cyberwar op, Olympic Games, and snuck it on to a USB thumb drive that infected computers at the Natanz nuclear facility. The reason we know about the infection at all, insiders say, is that it got out of control: someone modified the code or otherwise got it to spread through an infected PC carried outside, pushing Obama to either double down (which he did) or back off. Despite all its connections, the newspaper couldn't confirm whether or not the new Flame malware attack is another US creation. Tipsters did, however, deny that Flame is part of the Olympic Games push -- raising the possibility that there are other agencies at work.

The White House has been drumming up momentum for tighter internet privacy laws for a while now, and today it's furthering that online safety agenda with a new initiative for combating botnets. Washington just announced a pilot program for fighting viruses, citing a whopping five million PCs infected worldwide this year. The program will use principles outlined by the Industry Botnet Group, with the main goal being to educate internet users on the dangers of cyberspace while preventing botnets from spreading by sharing data about infected computers. The White House is working with the Information Sharing and Analysis Center to develop and implement the "botnet pilot," presumably to enact those anti-virus principles.

Normally, firewalls at cellular carriers are your best friends, screening out malware before it ever touches your phone. University of Michigan computer science researchers have found that those first lines of defense could be your enemy through a new exploit. As long as a small piece of malware sits on a device, that handset can infer TCP data packet sequence numbers coming from the firewall and hijack a phone's internet traffic with phishing sites, fake messages or other rogue code. The trick works on at least 48 carriers that use firewalls from Check Point, Cisco, Juniper and other networking heavy hitters -- AT&T being one of those providers. Carriers can turn the sequences off, although there are consequences to that as well. The only surefire solution is to either run antivirus apps if you're on a mobile OS like Android or else to run a platform that doesn't allow running unsigned apps at all, like iOS or Windows Phone. Whether or not the exploit is a serious threat is still far from certain, but we'll get a better sense of the risk on May 22nd, when Z. Morley Mao and Zhiyun Qian step up to the podium at an IEEE security symposium and deliver their findings.

Viruses are the swarming bullies of biology, but it turns out their alarming self-replication could one day power your iPod. We've seen them in batteries before, but researchers at Berkeley Labs have now coated electrodes with modified M13 bacteriophage, a harmless bacteria-eating virus, to create the first ever organic piezoelectric material -- which can convert force to electricity. The team explained that such a substance would be non-toxic, organize naturally into thin layers and self-regenerate, giving it a possible advantage over chemical options. In theory, by attaching a thin film of it to your shoes, power could be generated when walking, lending volts to the myriad electronics we pack around nowadays. To see a finger-powered video demo of our frequent-enemies making themselves useful for a change, stroll on past the break.

Folks still rocking Apple's Leopard may have been feeling left out after Lion and Snow Leopard both got an update for addressing that Flashback malware. If you're one of them, you'll be glad to know that Apple has finally issued a Leopard fix that comes with a removal tool for the vulnerability afflicting its big cats. In addition to a 1.23MB Flashback update, Apple also released a second 1.11MB fix for Leopard that disables versions of Adobe Flash Player that don't have the requisite security updates. Both should further whittle down the number of Apple computers affected by the Flashback trojan. For the actual updates, feel free to pounce on the source links below.

By now, we're all quite familiar with the Java-driven trojan that's affected thousands of Apple's rigs, and while the numbers seem to have drastically dropped since the first Cupertino fix, there's still a plethora of machines carrying the bug. According to Symantec, the number of infected computers is now at around 140,000, seeing a decline of over 460,000 since April 9th. Still, the security outfit remains puzzled by the fact, as it expected the digits to be somewhere near the 99,000 mark by now. Perhaps this is due to some folks not even being aware of Flashback's existence, or maybe not checking for software updates as often as most of us. Either way, we hope you've already used one of the tools Apple handed you.

After the Flashback / Flashfake Mac trojan was exposed by Russian site Dr. Web, Apple has finally responded by publishing a support page about the issue and promising a fix. If you haven't heard by now, the malware exploits a flaw in the Java Virtual Machine, which Oracle pushed a fix for back in February, but Apple didn't patch until a botnet consisting of as many as 650,000 Macs was identified on March 4th. Antivirus maker Kaspersky has confirmed the earlier findings, and released a free tool affected users can run to remove the trojan from their computers. Other than the update already delivered for computers running OS 10.6 and 10.7, Apple recommends users on 10.5 and earlier disable Java in their browser preferences. What isn't mentioned, however, is when its fix is incoming or any timetable on its efforts with international ISPs to cut off the IP addresses used by the network. This is not the first time Macs have fallen prey to malware and as their market share grows will likely not be the last, so don't think just opting for OS X is automatically keeping you a step ahead security-wise. Check the links below for more information about what the malware does, and how to get rid of it.

Google has had its fair share of malware-related problems in the Android Market, but that's hopefully about to change, now that the company has announced a new security-enhancing service. Codenamed "Bouncer," Mountain View's new program sounds pretty simple, in principle: it just automatically scans the Market for malware, without altering the Android user experience, or requiring devs to run through an app approval process. According to Hiroshi Lockheimer, Android's VP of Engineering, Bouncer does this by scanning recently uploaded apps for spyware, trojans or any other lethal components, while looking out for any suspicious behavior that may raise a red flag. The service also runs a simulation of each app using Google's cloud-based infrastructure, and regularly checks up on developer accounts to keep repeat offenders out of the Android Market. Existing apps, it's worth noting, will be subject to the same treatment as their more freshly uploaded counterparts. Lockheimer went on to point out that malware is on the decline in the Market, citing a 40 percent drop between the first and second halves of 2011, and explained some of Android's fundamental security features, including its sandboxing and permission-based systems. Head for the source link below to read the post in full.

The Japanese government has been (relatively) quietly churning away on an advanced new cyber weapon. In the post-Stuxnet age it's no surprise that a government would be working on powerful new tools to defend its digital borders, but this particular virus (developed with help from Fujitsu) is raising eyebrows with some over how it accomplishes its goals. Essentially, when it detects an intruding piece of malware, the program follows the virtual trail left behind back to the attack's source -- disabling every machine it encounters along the way. The goal, obviously, is to stop the spread of a malicious piece of code by finding and shutting down, not just the source, but all middleman PCs that are also now potential hosts. In some admittedly extreme scenarios this weapon could potentially spiral out of control, taking out far more computers than intended. Nightmarish hellscapes dominated by computers run amok aside, it's definitely interesting and we understand how it might cause some concern. Check out the source for a few more details.

It used to be that you only needed a bachelor's degree and elbow patches to be taken seriously as an academic, but now it's all about that 50-petaflop supercomputer with 500 petabytes of storage whirring away in the basement. The University of Illinois used to shop with IBM, but it's just about to have a brand new Cray XK6 installed instead, so it can continue providing computing power to the National Science Foundation's Blue Waters project. It's not all about inciting gadget envy, of course: the machine's unlikely truce of AMD Opteron 6200 16-core processors and NVIDIA Tesla GPUs will help more than 25 teams of scientists to model and understand real-world phenomena, from the damage caused by earthquakes to the way viruses break into cells. Breakthroughs from these projects will -- hopefully, one day -- make the $188 million total cost of Cray's products and services seem like a bargain. Full details in the PR after the break.

Windows 8 is renaming the second week of every month. After "Patch Tuesday" comes "Gentle reminder Wednesday," "Polite yet firm suggestion Thursday" and "Automatic restart Friday". In order to keep everyone's system secure, Windows Update will download patches in the background before adding a notification on your lock screen that you're due a restart. If you haven't managed it within 72 hours, you'll be given a 15-minute warning to save your work and close up before it forces the shutdown -- unless you're watching a movie or conducting a presentation, in which case it'll lie in wait for your next idle period to do it. With this system, you'll only have to complete the procedure once a month and can plan your schedule accordingly. The only time the system will deviate is when a security threat like a blaster worm appears, at which point Microsoft will ensure you're restarting as soon as a fix is available. What, you didn't know that "keeping end-users on their toes" was a feature?